Details of VAR-201905-0239

ID

VAR-201905-0239

CVE

CVE-2019-1724

TITLE

Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Router Authentication vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-003885

DESCRIPTION

A vulnerability in the session management functionality of the web-based interface for Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system. An attacker could use this impersonated session to create a new user account or otherwise control the device with the privileges of the hijacked session. The vulnerability is due to a lack of proper session management controls. An attacker could exploit this vulnerability by sending a crafted HTTP request to a targeted device. A successful exploit could allow the attacker to take control of an existing user session on the device. Exploitation of the vulnerability requires that an authorized user session is active and that the attacker can craft an HTTP request to impersonate that session. Cisco Small Business RV320 is a VPN router of Cisco Company in the United States. This issue is being tracked by Cisco bug ID CSCvn77859, CSCvn79158. This vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products

Trust: 2.52

sources: NVD: CVE-2019-1724 // JVNDB: JVNDB-2019-003885 // CNVD: CNVD-2019-33822 // BID: 108139 // VULHUB: VHN-149466

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2019-33822

AFFECTED PRODUCTS

vendor:	cisco	model:	rv325 dual wan gigabit vpn router	scope:	eq	version:	1.3.1.12	Trust: 1.0
vendor:	cisco	model:	rv320 dual gigabit wan vpn router software	scope:	eq	version:	1.3.1.12	Trust: 1.0
vendor:	cisco	model:	rv320 dual gigabit wan vpn router	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	rv325 dual gigabit wan vpn router	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	small business rv320	scope:	lt	version:	1.4.2.20	Trust: 0.6
vendor:	cisco	model:	small business rv325	scope:	lt	version:	1.4.2.20	Trust: 0.6
vendor:	cisco	model:	small business rv series routers	scope:	eq	version:	1.3.1.12	Trust: 0.3
vendor:	cisco	model:	rv325 dual gigabit wan vpn router	scope:	eq	version:	1.4.2.19	Trust: 0.3
vendor:	cisco	model:	rv325 dual gigabit wan vpn router	scope:	eq	version:	1.4.2.18	Trust: 0.3
vendor:	cisco	model:	rv325 dual gigabit wan vpn router	scope:	eq	version:	1.4.2.17	Trust: 0.3
vendor:	cisco	model:	rv325 dual gigabit wan vpn router	scope:	eq	version:	1.4.2.16	Trust: 0.3
vendor:	cisco	model:	rv325 dual gigabit wan vpn router	scope:	eq	version:	1.4.2.15	Trust: 0.3
vendor:	cisco	model:	rv325 dual gigabit wan vpn router	scope:	eq	version:	1.3.1.12	Trust: 0.3
vendor:	cisco	model:	rv320 dual gigabit wan vpn router	scope:	eq	version:	1.4.2.19	Trust: 0.3
vendor:	cisco	model:	rv320 dual gigabit wan vpn router	scope:	eq	version:	1.4.2.18	Trust: 0.3
vendor:	cisco	model:	rv320 dual gigabit wan vpn router	scope:	eq	version:	1.4.2.17	Trust: 0.3
vendor:	cisco	model:	rv320 dual gigabit wan vpn router	scope:	eq	version:	1.4.2.16	Trust: 0.3
vendor:	cisco	model:	rv320 dual gigabit wan vpn router	scope:	eq	version:	1.4.2.15	Trust: 0.3
vendor:	cisco	model:	rv320 dual gigabit wan vpn router	scope:	eq	version:	1.3.1.12	Trust: 0.3
vendor:	cisco	model:	small business rv series routers	scope:	ne	version:	1.4.2.20	Trust: 0.3
vendor:	cisco	model:	rv325 dual gigabit wan vpn router	scope:	ne	version:	1.4.2.20	Trust: 0.3
vendor:	cisco	model:	rv320 dual gigabit wan vpn router	scope:	ne	version:	1.4.2.20	Trust: 0.3

sources: CNVD: CNVD-2019-33822 // BID: 108139 // JVNDB: JVNDB-2019-003885 // NVD: CVE-2019-1724

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1724
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1724
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-1724
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2019-33822
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201905-053
value:	HIGH
Trust: 0.6
VULHUB:	VHN-149466
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-1724
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2019-33822
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-149466
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

ykramarz@cisco.com:	CVE-2019-1724
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2019-1724
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2019-33822 // VULHUB: VHN-149466 // JVNDB: JVNDB-2019-003885 // CNNVD: CNNVD-201905-053 // NVD: CVE-2019-1724 // NVD: CVE-2019-1724

PROBLEMTYPE DATA

problemtype:

CWE-287

Trust: 1.9

sources: VULHUB: VHN-149466 // JVNDB: JVNDB-2019-003885 // NVD: CVE-2019-1724

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-053

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201905-053

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-003885

PATCH

title:	cisco-sa-20190501-sbr-hijack	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-sbr-hijack	Trust: 0.8
title:	Patch for Cisco Small Business RV320 and RV325 Authorization Issue Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/183029	Trust: 0.6
title:	Cisco Small Business RV320 and RV325 Remediation measures for authorization problem vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92196	Trust: 0.6

sources: CNVD: CNVD-2019-33822 // JVNDB: JVNDB-2019-003885 // CNNVD: CNNVD-201905-053

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1724	Trust: 3.4
db:	BID	id:	108139	Trust: 1.0
db:	JVNDB	id:	JVNDB-2019-003885	Trust: 0.8
db:	CNNVD	id:	CNNVD-201905-053	Trust: 0.7
db:	CNVD	id:	CNVD-2019-33822	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.1535	Trust: 0.6
db:	VULHUB	id:	VHN-149466	Trust: 0.1

sources: CNVD: CNVD-2019-33822 // VULHUB: VHN-149466 // BID: 108139 // JVNDB: JVNDB-2019-003885 // CNNVD: CNNVD-201905-053 // NVD: CVE-2019-1724

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-sbr-hijack	Trust: 2.0
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1724	Trust: 1.4
url:	http://www.cisco.com/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1724	Trust: 0.8
url:	https://web.nvd.nist.gov//vuln/detail/cve-2019-1724	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/80178	Trust: 0.6
url:	https://www.securityfocus.com/bid/108139	Trust: 0.6

sources: CNVD: CNVD-2019-33822 // VULHUB: VHN-149466 // BID: 108139 // JVNDB: JVNDB-2019-003885 // CNNVD: CNNVD-201905-053 // NVD: CVE-2019-1724

CREDITS

security researchers Xie Wei and Wu Linjie .,Xie Wei and Wu Linjie.

Trust: 0.6

sources: CNNVD: CNNVD-201905-053

SOURCES

db:	CNVD	id:	CNVD-2019-33822
db:	VULHUB	id:	VHN-149466
db:	BID	id:	108139
db:	JVNDB	id:	JVNDB-2019-003885
db:	CNNVD	id:	CNNVD-201905-053
db:	NVD	id:	CVE-2019-1724

LAST UPDATE DATE

2024-08-14T14:45:21.622000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-33822	date:	2019-09-29T00:00:00
db:	VULHUB	id:	VHN-149466	date:	2019-10-09T00:00:00
db:	BID	id:	108139	date:	2019-05-01T00:00:00
db:	JVNDB	id:	JVNDB-2019-003885	date:	2019-05-23T00:00:00
db:	CNNVD	id:	CNNVD-201905-053	date:	2019-05-14T00:00:00
db:	NVD	id:	CVE-2019-1724	date:	2021-09-13T12:23:34.570

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2019-33822	date:	2019-09-29T00:00:00
db:	VULHUB	id:	VHN-149466	date:	2019-05-03T00:00:00
db:	BID	id:	108139	date:	2019-05-01T00:00:00
db:	JVNDB	id:	JVNDB-2019-003885	date:	2019-05-23T00:00:00
db:	CNNVD	id:	CNNVD-201905-053	date:	2019-05-01T00:00:00
db:	NVD	id:	CVE-2019-1724	date:	2019-05-03T17:29:00.673